<atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
<item>
- <title>Sales number for the Free Culture translation, first half of 2016</title>
- <link>http://people.skolelinux.org/pere/blog/Sales_number_for_the_Free_Culture_translation__first_half_of_2016.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Sales_number_for_the_Free_Culture_translation__first_half_of_2016.html</guid>
- <pubDate>Fri, 5 Aug 2016 22:45:00 +0200</pubDate>
- <description><p>As my regular readers probably remember, the last year I published
-a French and Norwegian translation of the classic
-<a href="http://www.free-culture.cc/">Free Culture book</a> by the
-founder of the Creative Commons movement, Lawrence Lessig. A bit less
-known is the fact that due to the way I created the translations,
-using docbook and po4a, I also recreated the English original. And
-because I already had created a new the PDF edition, I published it
-too. The revenue from the books are sent to the Creative Commons
-Corporation. In other words, I do not earn any money from this
-project, I just earn the warm fuzzy feeling that the text is available
-for a wider audience and more people can learn why the Creative
-Commons is needed.</p>
-
-<p>Today, just for fun, I had a look at the sales number over at
-Lulu.com, which take care of payment, printing and shipping. Much to
-my surprise, the English edition is selling better than both the
-French and Norwegian edition, despite the fact that it has been
-available in English since it was first published. In total, 24 paper
-books was sold for USD $19.99 between 2016-01-01 and 2016-07-31:</p>
-
-<table border="0">
-<tr><th>Title / language</th><th>Quantity</th></tr>
-<tr><td><a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">Culture Libre / French</a></td><td>3</td></tr>
-<tr><td><a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Fri kultur / Norwegian</a></td><td>7</td></tr>
-<tr><td><a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">Free Culture / English</a></td><td>14</td></tr>
-</table>
-
-<p>The books are available both from Lulu.com and from large book
-stores like Amazon and Barnes&Noble. Most revenue, around $10 per
-book, is sent to the Creative Commons project when the book is sold
-directly by Lulu.com. The other channels give less revenue. The
-summary from Lulu tell me 10 books was sold via the Amazon channel, 10
-via Ingram (what is this?) and 4 directly by Lulu. And Lulu.com tells
-me that the revenue sent so far this year is USD $101.42. No idea
-what kind of sales numbers to expect, so I do not know if that is a
-good amount of sales for a 10 year old book or not. But it make me
-happy that the buyers find the book, and I hope they enjoy reading it
-as much as I did.</p>
-
-<p>The ebook edition is available for free from
-<a href="https://github.com/petterreinholdtsen/free-culture-lessig">Github</a>.</p>
-
-<p>If you would like to translate and publish the book in your native
-language, I would be happy to help make it happen. Please get in
-touch.</p>
+ <title>Mangler du en skrue, eller har du en skrue løs?</title>
+ <link>http://people.skolelinux.org/pere/blog/Mangler_du_en_skrue__eller_har_du_en_skrue_l_s_.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Mangler_du_en_skrue__eller_har_du_en_skrue_l_s_.html</guid>
+ <pubDate>Wed, 4 Oct 2017 09:40:00 +0200</pubDate>
+ <description>Når jeg holder på med ulike prosjekter, så trenger jeg stadig ulike
+skruer. Det siste prosjektet jeg holder på med er å lage
+<a href="https://www.thingiverse.com/thing:676916">en boks til en
+HDMI-touch-skjerm</a> som skal brukes med Raspberry Pi. Boksen settes
+sammen med skruer og bolter, og jeg har vært i tvil om hvor jeg kan
+få tak i de riktige skruene. Clas Ohlson og Jernia i nærheten har
+sjelden hatt det jeg trenger. Men her om dagen fikk jeg et fantastisk
+tips for oss som bor i Oslo.
+<a href="http://www.zachskruer.no/">Zachariassen Jernvare AS</a> i
+<a href="http://www.openstreetmap.org/?mlat=59.93421&mlon=10.76795#map=19/59.93421/10.76795">Hegermannsgate
+23A på Torshov</a> har et fantastisk utvalg, og åpent mellom 09:00 og
+17:00. De selger skruer, muttere, bolter, skiver etc i løs vekt, og
+så langt har jeg fått alt jeg har lett etter. De har i tillegg det
+meste av annen jernvare, som verktøy, lamper, ledninger, etc. Jeg
+håper de har nok kunder til å holde det gående lenge, da dette er en
+butikk jeg kommer til å besøke ofte. Butikken er et funn å ha i
+nabolaget for oss som liker å bygge litt selv. :)</p>
</description>
</item>
<item>
- <title>Vitenskapen tar som vanlig feil igjen - relativt feil</title>
- <link>http://people.skolelinux.org/pere/blog/Vitenskapen_tar_som_vanlig_feil_igjen___relativt_feil.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Vitenskapen_tar_som_vanlig_feil_igjen___relativt_feil.html</guid>
- <pubDate>Mon, 1 Aug 2016 16:00:00 +0200</pubDate>
- <description><p>For mange år siden leste jeg en klassisk tekst som gjorde såpass
-inntrykk på meg at jeg husker den fortsatt, flere år senere, og bruker
-argumentene fra den stadig vekk. Teksten var «The Relativity of
-Wrong» som Isaac Asimov publiserte i Skeptical Inquirer i 1989. Den
-gir litt perspektiv rundt formidlingen av vitenskapelige resultater.
-Jeg har hatt lyst til å kunne dele den også med folk som ikke
-behersker engelsk så godt, som barn og noen av mine eldre slektninger,
-og har savnet å ha den tilgjengelig på norsk. For to uker siden tok
-jeg meg sammen og kontaktet Asbjørn Dyrendal i foreningen Skepsis om
-de var interessert i å publisere en norsk utgave på bloggen sin, og da
-han var positiv tok jeg kontakt med Skeptical Inquirer og spurte om
-det var greit for dem. I løpet av noen dager fikk vi tilbakemelding
-fra Barry Karr hos The Skeptical Inquirer som hadde sjekket og fått OK
-fra Robyn Asimov som representerte arvingene i Asmiov-familien og gikk
-igang med oversettingen.</p>
-
-<p>Resultatet, <a href="http://www.skepsis.no/?p=1617">«Relativt
-feil»</a>, ble publisert på skepsis-bloggen for noen minutter siden.
-Jeg anbefaler deg på det varmeste å lese denne teksten og dele den med
-dine venner.</p>
-
-<p>For å håndtere oversettelsen og sikre at original og oversettelse
-var i sync brukte vi git, po4a, GNU make og Transifex. Det hele
-fungerte utmerket og gjorde det enkelt å dele tekstene og jobbe sammen
-om finpuss på formuleringene. Hadde hosted.weblate.org latt meg
-opprette nye prosjekter selv i stedet for å måtte kontakte
-administratoren der, så hadde jeg brukt weblate i stedet.</p>
+ <title>Visualizing GSM radio chatter using gr-gsm and Hopglass</title>
+ <link>http://people.skolelinux.org/pere/blog/Visualizing_GSM_radio_chatter_using_gr_gsm_and_Hopglass.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Visualizing_GSM_radio_chatter_using_gr_gsm_and_Hopglass.html</guid>
+ <pubDate>Fri, 29 Sep 2017 10:30:00 +0200</pubDate>
+ <description><p>Every mobile phone announce its existence over radio to the nearby
+mobile cell towers. And this radio chatter is available for anyone
+with a radio receiver capable of receiving them. Details about the
+mobile phones with very good accuracy is of course collected by the
+phone companies, but this is not the topic of this blog post. The
+mobile phone radio chatter make it possible to figure out when a cell
+phone is nearby, as it include the SIM card ID (IMSI). By paying
+attention over time, one can see when a phone arrive and when it leave
+an area. I believe it would be nice to make this information more
+available to the general public, to make more people aware of how
+their phones are announcing their whereabouts to anyone that care to
+listen.</p>
+
+<p>I am very happy to report that we managed to get something
+visualizing this information up and running for
+<a href="http://norwaymakers.org/osf17">Oslo Skaperfestival 2017</a>
+(Oslo Makers Festival) taking place today and tomorrow at Deichmanske
+library. The solution is based on the
+<a href="http://people.skolelinux.org/pere/blog/Easier_recipe_to_observe_the_cell_phones_around_you.html">simple
+recipe for listening to GSM chatter</a> I posted a few days ago, and
+will show up at the stand of <a href="http://sonen.ifi.uio.no/">Åpen
+Sone from the Computer Science department of the University of
+Oslo</a>. The presentation will show the nearby mobile phones (aka
+IMSIs) as dots in a web browser graph, with lines to the dot
+representing mobile base station it is talking to. It was working in
+the lab yesterday, and was moved into place this morning.</p>
+
+<p>We set up a fairly powerful desktop machine using Debian
+Buster/Testing with several (five, I believe) RTL2838 DVB-T receivers
+connected and visualize the visible cell phone towers using an
+<a href="https://github.com/marlow925/hopglass">English version of
+Hopglass</a>. A fairly powerfull machine is needed as the
+grgsm_livemon_headless processes from
+<a href="https://tracker.debian.org/pkg/gr-gsm">gr-gsm</a> converting
+the radio signal to data packages is quite CPU intensive.</p>
+
+<p>The frequencies to listen to, are identified using a slightly
+patched scan-and-livemon (to set the --args values for each receiver),
+and the Hopglass data is generated using the
+<a href="https://github.com/petterreinholdtsen/IMSI-catcher/tree/meshviewer-output">patches
+in my meshviewer-output branch</a>. For some reason we could not get
+more than four SDRs working. There is also a geographical map trying
+to show the location of the base stations, but I believe their
+coordinates are hardcoded to some random location in Germany, I
+believe. The code should be replaced with code to look up location in
+a text file, a sqlite database or one of the online databases
+mentioned in
+<a href="https://github.com/Oros42/IMSI-catcher/issues/14">the github
+issue for the topic</a>.
+
+<p>If this sound interesting, visit the stand at the festival!</p>
</description>
</item>
<item>
- <title>Techno TV broadcasting live across Norway and the Internet (#debconf16, #nuug) on @frikanalen</title>
- <link>http://people.skolelinux.org/pere/blog/Techno_TV_broadcasting_live_across_Norway_and_the_Internet___debconf16___nuug__on__frikanalen.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Techno_TV_broadcasting_live_across_Norway_and_the_Internet___debconf16___nuug__on__frikanalen.html</guid>
- <pubDate>Mon, 1 Aug 2016 10:30:00 +0200</pubDate>
- <description><p>Did you know there is a TV channel broadcasting talks from DebConf
-16 across an entire country? Or that there is a TV channel
-broadcasting talks by or about
-<a href="http://beta.frikanalen.no/video/625529/">Linus Torvalds</a>,
-<a href="http://beta.frikanalen.no/video/625599/">Tor</a>,
-<a href="http://beta.frikanalen.no/video/624019/">OpenID</A>,
-<a href="http://beta.frikanalen.no/video/625624/">Common Lisp</a>,
-<a href="http://beta.frikanalen.no/video/625446/">Civic Tech</a>,
-<a href="http://beta.frikanalen.no/video/625090/">EFF founder John Barlow</a>,
-<a href="http://beta.frikanalen.no/video/625432/">how to make 3D
-printer electronics</a> and many more fascinating topics? It works
-using only free software (all of it
-<a href="http://github.com/Frikanalen">available from Github</a>), and
-is administrated using a web browser and a web API.</p>
-
-<p>The TV channel is the Norwegian open channel
-<a href="http://www.frikanalen.no/">Frikanalen</a>, and I am involved
-via <a href="https://www.nuug.no/">the NUUG member association</a> in
-running and developing the software for the channel. The channel is
-organised as a member organisation where its members can upload and
-broadcast what they want (think of it as Youtube for national
-broadcasting television). Individuals can broadcast too. The time
-slots are handled on a first come, first serve basis. Because the
-channel have almost no viewers and very few active members, we can
-experiment with TV technology without too much flack when we make
-mistakes. And thanks to the few active members, most of the slots on
-the schedule are free. I see this as an opportunity to spread
-knowledge about technology and free software, and have a script I run
-regularly to fill up all the open slots the next few days with
-technology related video. The end result is a channel I like to
-describe as Techno TV - filled with interesting talks and
-presentations.</p>
-
-<p>It is available on channel 50 on the Norwegian national digital TV
-network (RiksTV). It is also available as a multicast stream on
-Uninett. And finally, it is available as
-<a href="http://beta.frikanalen.no/">a WebM unicast stream</a> from
-Frikanalen and NUUG. Check it out. :)</p>
+ <title>Easier recipe to observe the cell phones around you</title>
+ <link>http://people.skolelinux.org/pere/blog/Easier_recipe_to_observe_the_cell_phones_around_you.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Easier_recipe_to_observe_the_cell_phones_around_you.html</guid>
+ <pubDate>Sun, 24 Sep 2017 08:30:00 +0200</pubDate>
+ <description><p>A little more than a month ago I wrote
+<a href="http://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html">how
+to observe the SIM card ID (aka IMSI number) of mobile phones talking
+to nearby mobile phone base stations using Debian GNU/Linux and a
+cheap USB software defined radio</a>, and thus being able to pinpoint
+the location of people and equipment (like cars and trains) with an
+accuracy of a few kilometer. Since then we have worked to make the
+procedure even simpler, and it is now possible to do this without any
+manual frequency tuning and without building your own packages.</p>
+
+<p>The <a href="https://tracker.debian.org/pkg/gr-gsm">gr-gsm</a>
+package is now included in Debian testing and unstable, and the
+IMSI-catcher code no longer require root access to fetch and decode
+the GSM data collected using gr-gsm.</p>
+
+<p>Here is an updated recipe, using packages built by Debian and a git
+clone of two python scripts:</p>
+
+<ol>
+
+<li>Start with a Debian machine running the Buster version (aka
+ testing).</li>
+
+<li>Run '<tt>apt install gr-gsm python-numpy python-scipy
+ python-scapy</tt>' as root to install required packages.</li>
+
+<li>Fetch the code decoding GSM packages using '<tt>git clone
+ github.com/Oros42/IMSI-catcher.git</tt>'.</li>
+
+<li>Insert USB software defined radio supported by GNU Radio.</li>
+
+<li>Enter the IMSI-catcher directory and run '<tt>python
+ scan-and-livemon</tt>' to locate the frequency of nearby base
+ stations and start listening for GSM packages on one of them.</li>
+
+<li>Enter the IMSI-catcher directory and run '<tt>python
+ simple_IMSI-catcher.py</tt>' to display the collected information.</li>
+
+</ol>
+
+<p>Note, due to a bug somewhere the scan-and-livemon program (actually
+<a href="https://github.com/ptrkrysik/gr-gsm/issues/336">its underlying
+program grgsm_scanner</a>) do not work with the HackRF radio. It does
+work with RTL 8232 and other similar USB radio receivers you can get
+very cheaply
+(<a href="https://www.ebay.com/sch/items/?_nkw=rtl+2832">for example
+from ebay</a>), so for now the solution is to scan using the RTL radio
+and only use HackRF for fetching GSM data.</p>
+
+<p>As far as I can tell, a cell phone only show up on one of the
+frequencies at the time, so if you are going to track and count every
+cell phone around you, you need to listen to all the frequencies used.
+To listen to several frequencies, use the --numrecv argument to
+scan-and-livemon to use several receivers. Further, I am not sure if
+phones using 3G or 4G will show as talking GSM to base stations, so
+this approach might not see all phones around you. I typically see
+0-400 IMSI numbers an hour when looking around where I live.</p>
+
+<p>I've tried to run the scanner on a
+<a href="https://wiki.debian.org/RaspberryPi">Raspberry Pi 2 and 3
+running Debian Buster</a>, but the grgsm_livemon_headless process seem
+to be too CPU intensive to keep up. When GNU Radio print 'O' to
+stdout, I am told there it is caused by a buffer overflow between the
+radio and GNU Radio, caused by the program being unable to read the
+GSM data fast enough. If you see a stream of 'O's from the terminal
+where you started scan-and-livemon, you need a give the process more
+CPU power. Perhaps someone are able to optimize the code to a point
+where it become possible to set up RPi3 based GSM sniffers? I tried
+using Raspbian instead of Debian, but there seem to be something wrong
+with GNU Radio on raspbian, causing glibc to abort().</p>
</description>
</item>
<item>
- <title>Unlocking HTC Desire HD on Linux using unruu and fastboot</title>
- <link>http://people.skolelinux.org/pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Unlocking_HTC_Desire_HD_on_Linux_using_unruu_and_fastboot.html</guid>
- <pubDate>Thu, 7 Jul 2016 11:30:00 +0200</pubDate>
- <description><p>Yesterday, I tried to unlock a HTC Desire HD phone, and it proved
-to be a slight challenge. Here is the recipe if I ever need to do it
-again. It all started by me wanting to try the recipe to set up
-<a href="https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy">an
-hardened Android installation</a> from the Tor project blog on a
-device I had access to. It is a old mobile phone with a broken
-microphone The initial idea had been to just
-<a href="http://wiki.cyanogenmod.org/w/Install_CM_for_ace">install
-CyanogenMod on it</a>, but did not quite find time to start on it
-until a few days ago.</p>
-
-<p>The unlock process is supposed to be simple: (1) Boot into the boot
-loader (press volume down and power at the same time), (2) select
-'fastboot' before (3) connecting the device via USB to a Linux
-machine, (4) request the device identifier token by running 'fastboot
-oem get_identifier_token', (5) request the device unlocking key using
-the <a href="http://www.htcdev.com/bootloader/">HTC developer web
-site</a> and unlock the phone using the key file emailed to you.</p>
-
-<p>Unfortunately, this only work fi you have hboot version 2.00.0029
-or newer, and the device I was working on had 2.00.0027. This
-apparently can be easily fixed by downloading a Windows program and
-running it on your Windows machine, if you accept the terms Microsoft
-require you to accept to use Windows - which I do not. So I had to
-come up with a different approach. I got a lot of help from AndyCap
-on #nuug, and would not have been able to get this working without
-him.</p>
-
-<p>First I needed to extract the hboot firmware from
-<a href="http://www.htcdev.com/ruu/PD9810000_Ace_Sense30_S_hboot_2.00.0029.exe">the
-windows binary for HTC Desire HD</a> downloaded as 'the RUU' from HTC.
-For this there is is <a href="https://github.com/kmdm/unruu/">a github
-project named unruu</a> using libunshield. The unshield tool did not
-recognise the file format, but unruu worked and extracted rom.zip,
-containing the new hboot firmware and a text file describing which
-devices it would work for.</p>
-
-<p>Next, I needed to get the new firmware into the device. For this I
-followed some instructions
-<a href="http://www.htc1guru.com/2013/09/new-ruu-zips-posted/">available
-from HTC1Guru.com</a>, and ran these commands as root on a Linux
-machine with Debian testing:</p>
-
-<p><pre>
-adb reboot-bootloader
-fastboot oem rebootRUU
-fastboot flash zip rom.zip
-fastboot flash zip rom.zip
-fastboot reboot
-</pre></p>
-
-<p>The flash command apparently need to be done twice to take effect,
-as the first is just preparations and the second one do the flashing.
-The adb command is just to get to the boot loader menu, so turning the
-device on while holding volume down and the power button should work
-too.</p>
-
-<p>With the new hboot version in place I could start following the
-instructions on the HTC developer web site. I got the device token
-like this:</p>
-
-<p><pre>
-fastboot oem get_identifier_token 2>&1 | sed 's/(bootloader) //'
-</pre>
-
-<p>And once I got the unlock code via email, I could use it like
-this:</p>
-
-<p><pre>
-fastboot flash unlocktoken Unlock_code.bin
-</pre></p>
-
-<p>And with that final step in place, the phone was unlocked and I
-could start stuffing the software of my own choosing into the device.
-So far I only inserted a replacement recovery image to wipe the phone
-before I start. We will see what happen next. Perhaps I should
-install <a href="https://www.debian.org/">Debian</a> on it. :)</p>
+ <title>Datalagringsdirektivet kaster skygger over Høyre og Arbeiderpartiet</title>
+ <link>http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_kaster_skygger_over_H_yre_og_Arbeiderpartiet.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_kaster_skygger_over_H_yre_og_Arbeiderpartiet.html</guid>
+ <pubDate>Thu, 7 Sep 2017 21:35:00 +0200</pubDate>
+ <description><p>For noen dager siden publiserte Jon Wessel-Aas en bloggpost om
+«<a href="http://www.uhuru.biz/?p=1821">Konklusjonen om datalagring som
+EU-kommisjonen ikke ville at vi skulle få se</a>». Det er en
+interessant gjennomgang av EU-domstolens syn på snurpenotovervåkning
+av befolkningen, som er klar på at det er i strid med
+EU-lovgivingen.</p>
+
+<p>Valgkampen går for fullt i Norge, og om noen få dager er siste
+frist for å avgi stemme. En ting er sikkert, Høyre og Arbeiderpartiet
+får ikke min stemme
+<a href="http://people.skolelinux.org/pere/blog/Datalagringsdirektivet_gj_r_at_Oslo_H_yre_og_Arbeiderparti_ikke_f_r_min_stemme_i__r.html">denne
+gangen heller</a>. Jeg har ikke glemt at de tvang igjennom loven som
+skulle pålegge alle data- og teletjenesteleverandører å overvåke alle
+sine kunder. En lov som er vedtatt, og aldri opphevet igjen.</p>
+
+<p>Det er tydelig fra diskusjonen rundt grenseløs digital overvåkning
+(eller "Digital Grenseforsvar" som det kalles i Orvellisk nytale) at
+hverken Høyre og Arbeiderpartiet har noen prinsipielle sperrer mot å
+overvåke hele befolkningen, og diskusjonen så langt tyder på at flere
+av de andre partiene heller ikke har det. Mange av
+<a href="https://data.holderdeord.no/votes/1301946411e">de som stemte
+for Datalagringsdirektivet i Stortinget</a> (64 fra Arbeiderpartiet,
+25 fra Høyre) er fortsatt aktive og argumenterer fortsatt for å radere
+vekk mer av innbyggernes privatsfære.</p>
+
+<p>Når myndighetene demonstrerer sin mistillit til folket, tror jeg
+folket selv bør legge litt innsats i å verne sitt privatliv, ved å ta
+i bruk ende-til-ende-kryptert kommunikasjon med sine kjente og kjære,
+og begrense hvor mye privat informasjon som deles med uvedkommende.
+Det er jo ingenting som tyder på at myndighetene kommer til å være vår
+privatsfære.
+<a href="http://people.skolelinux.org/pere/blog/How_to_talk_with_your_loved_ones_in_private.html">Det
+er mange muligheter</a>. Selv har jeg litt sans for
+<a href="https://ring.cx/">Ring</a>, som er basert på p2p-teknologi
+uten sentral kontroll, er fri programvare, og støtter meldinger, tale
+og video. Systemet er tilgjengelig ut av boksen fra
+<a href="https://tracker.debian.org/pkg/ring">Debian</a> og
+<a href="https://launchpad.net/ubuntu/+source/ring">Ubuntu</a>, og det
+finnes pakker for Android, MacOSX og Windows. Foreløpig er det få
+brukere med Ring, slik at jeg også bruker
+<a href="https://signal.org/">Signal</a> som nettleserutvidelse.</p>
</description>
</item>
<item>
- <title>How to use the Signal app if you only have a land line (ie no mobile phone)</title>
- <link>http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html</guid>
- <pubDate>Sun, 3 Jul 2016 14:20:00 +0200</pubDate>
- <description><p>For a while now, I have wanted to test
-<a href="https://whispersystems.org/">the Signal app</a>, as it is
-said to provide end to end encrypted communication and several of my
-friends and family are already using it. As I by choice do not own a
-mobile phone, this proved to be harder than expected. And I wanted to
-have the source of the client and know that it was the code used on my
-machine. But yesterday I managed to get it working. I used the
-Github source, compared it to the source in
-<a href="https://chrome.google.com/webstore/detail/signal-private-messenger/bikioccmkafdpakkkcpdbppfkghcmihk?hl=en-US">the
-Signal Chrome app</a> available from the Chrome web store, applied
-patches to use the production Signal servers, started the app and
-asked for the hidden "register without a smart phone" form. Here is
-the recipe how I did it.</p>
-
-<p>First, I fetched the Signal desktop source from Github, using
-
-<pre>
-git clone https://github.com/WhisperSystems/Signal-Desktop.git
-</pre>
-
-<p>Next, I patched the source to use the production servers, to be
-able to talk to other Signal users:</p>
-
-<pre>
-cat &lt;&lt;EOF | patch -p0
-diff -ur ./js/background.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/background.js
---- ./js/background.js 2016-06-29 13:43:15.630344628 +0200
-+++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/background.js 2016-06-29 14:06:29.530300934 +0200
-@@ -47,8 +47,8 @@
- });
- });
-
-- var SERVER_URL = 'https://textsecure-service-staging.whispersystems.org';
-- var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com';
-+ var SERVER_URL = 'https://textsecure-service-ca.whispersystems.org:4433';
-+ var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments.s3.amazonaws.com';
- var messageReceiver;
- window.getSocketStatus = function() {
- if (messageReceiver) {
-diff -ur ./js/expire.js userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/expire.js
---- ./js/expire.js 2016-06-29 13:43:15.630344628 +0200
-+++ userdata/Default/Extensions/bikioccmkafdpakkkcpdbppfkghcmihk/0.15.0_0/js/expire.js2016-06-29 14:06:29.530300934 +0200
-@@ -1,6 +1,6 @@
- ;(function() {
- 'use strict';
-- var BUILD_EXPIRATION = 0;
-+ var BUILD_EXPIRATION = 1474492690000;
-
- window.extension = window.extension || {};
-
-EOF
-</pre>
-
-<p>The first part is changing the servers, and the second is updating
-an expiration timestamp. This timestamp need to be updated regularly.
-It is set 90 days in the future by the build process (Gruntfile.js).
-The value is seconds since 1970 times 1000, as far as I can tell.</p>
-
-<p>Based on a tip and good help from the #nuug IRC channel, I wrote a
-script to launch Signal in Chromium.</p>
-
-<pre>
-#!/bin/sh
-cd $(dirname $0)
-mkdir -p userdata
-exec chromium \
- --proxy-server="socks://localhost:9050" \
- --user-data-dir=`pwd`/userdata --load-and-launch-app=`pwd`
-</pre>
-
-<p> The script start the app and configure Chromium to use the Tor
-SOCKS5 proxy to make sure those controlling the Signal servers (today
-Amazon and Whisper Systems) as well as those listening on the lines
-will have a harder time location my laptop based on the Signal
-connections if they use source IP address.</p>
-
-<p>When the script starts, one need to follow the instructions under
-"Standalone Registration" in the CONTRIBUTING.md file in the git
-repository. I right clicked on the Signal window to get up the
-Chromium debugging tool, visited the 'Console' tab and wrote
-'extension.install("standalone")' on the console prompt to get the
-registration form. Then I entered by land line phone number and
-pressed 'Call'. 5 seconds later the phone rang and a robot voice
-repeated the verification code three times. After entering the number
-into the verification code field in the form, I could start using
-Signal from my laptop.
-
-<p>As far as I can tell, The Signal app will leak who is talking to
-whom and thus who know who to those controlling the central server,
-but such leakage is hard to avoid with a centrally controlled server
-setup. It is something to keep in mind when using Signal - the
-content of your chats are harder to intercept, but the meta data
-exposing your contact network is available to people you do not know.
-So better than many options, but not great. And sadly the usage is
-connected to my land line, thus allowing those controlling the server
-to associate it to my home and person. I would prefer it if only
-those I knew could tell who I was on Signal. There are options
-avoiding such information leakage, but most of my friends are not
-using them, so I am stuck with Signal for now.</p>
+ <title>Simpler recipe on how to make a simple $7 IMSI Catcher using Debian</title>
+ <link>http://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html</guid>
+ <pubDate>Wed, 9 Aug 2017 23:59:00 +0200</pubDate>
+ <description><p>On friday, I came across an interesting article in the Norwegian
+web based ICT news magazine digi.no on
+<a href="https://www.digi.no/artikler/sikkerhetsforsker-lagde-enkel-imsi-catcher-for-60-kroner-na-kan-mobiler-kartlegges-av-alle/398588">how
+to collect the IMSI numbers of nearby cell phones</a> using the cheap
+DVB-T software defined radios. The article refered to instructions
+and <a href="https://www.youtube.com/watch?v=UjwgNd_as30">a recipe by
+Keld Norman on Youtube on how to make a simple $7 IMSI Catcher</a>, and I decided to test them out.</p>
+
+<p>The instructions said to use Ubuntu, install pip using apt (to
+bypass apt), use pip to install pybombs (to bypass both apt and pip),
+and the ask pybombs to fetch and build everything you need from
+scratch. I wanted to see if I could do the same on the most recent
+Debian packages, but this did not work because pybombs tried to build
+stuff that no longer build with the most recent openssl library or
+some other version skew problem. While trying to get this recipe
+working, I learned that the apt->pip->pybombs route was a long detour,
+and the only piece of software dependency missing in Debian was the
+gr-gsm package. I also found out that the lead upstream developer of
+gr-gsm (the name stand for GNU Radio GSM) project already had a set of
+Debian packages provided in an Ubuntu PPA repository. All I needed to
+do was to dget the Debian source package and built it.</p>
+
+<p>The IMSI collector is a python script listening for packages on the
+loopback network device and printing to the terminal some specific GSM
+packages with IMSI numbers in them. The code is fairly short and easy
+to understand. The reason this work is because gr-gsm include a tool
+to read GSM data from a software defined radio like a DVB-T USB stick
+and other software defined radios, decode them and inject them into a
+network device on your Linux machine (using the loopback device by
+default). This proved to work just fine, and I've been testing the
+collector for a few days now.</p>
+
+<p>The updated and simpler recipe is thus to</p>
+
+<ol>
+
+<li>start with a Debian machine running Stretch or newer,</li>
+
+<li>build and install the gr-gsm package available from
+<a href="http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/">http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/</a>,</li>
+
+<li>clone the git repostory from <a href="https://github.com/Oros42/IMSI-catcher">https://github.com/Oros42/IMSI-catcher</a>,</li>
+
+<li>run grgsm_livemon and adjust the frequency until the terminal
+where it was started is filled with a stream of text (meaning you
+found a GSM station).</li>
+
+<li>go into the IMSI-catcher directory and run 'sudo python simple_IMSI-catcher.py' to extract the IMSI numbers.</li>
+
+</ol>
+
+<p>To make it even easier in the future to get this sniffer up and
+running, I decided to package
+<a href="https://github.com/ptrkrysik/gr-gsm/">the gr-gsm project</a>
+for Debian (<a href="https://bugs.debian.org/871055">WNPP
+#871055</a>), and the package was uploaded into the NEW queue today.
+Luckily the gnuradio maintainer has promised to help me, as I do not
+know much about gnuradio stuff yet.</p>
+
+<p>I doubt this "IMSI cacher" is anywhere near as powerfull as
+commercial tools like
+<a href="https://www.thespyphone.com/portable-imsi-imei-catcher/">The
+Spy Phone Portable IMSI / IMEI Catcher</a> or the
+<a href="https://en.wikipedia.org/wiki/Stingray_phone_tracker">Harris
+Stingray</a>, but I hope the existance of cheap alternatives can make
+more people realise how their whereabouts when carrying a cell phone
+is easily tracked. Seeing the data flow on the screen, realizing that
+I live close to a police station and knowing that the police is also
+wearing cell phones, I wonder how hard it would be for criminals to
+track the position of the police officers to discover when there are
+police near by, or for foreign military forces to track the location
+of the Norwegian military forces, or for anyone to track the location
+of government officials...</p>
+
+<p>It is worth noting that the data reported by the IMSI-catcher
+script mentioned above is only a fraction of the data broadcasted on
+the GSM network. It will only collect one frequency at the time,
+while a typical phone will be using several frequencies, and not all
+phones will be using the frequencies tracked by the grgsm_livemod
+program. Also, there is a lot of radio chatter being ignored by the
+simple_IMSI-catcher script, which would be collected by extending the
+parser code. I wonder if gr-gsm can be set up to listen to more than
+one frequency?</p>
</description>
</item>
<item>
- <title>The new "best" multimedia player in Debian?</title>
- <link>http://people.skolelinux.org/pere/blog/The_new__best__multimedia_player_in_Debian_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/The_new__best__multimedia_player_in_Debian_.html</guid>
- <pubDate>Mon, 6 Jun 2016 12:50:00 +0200</pubDate>
- <description><p>When I set out a few weeks ago to figure out
-<a href="http://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html">which
-multimedia player in Debian claimed to support most file formats /
-MIME types</a>, I was a bit surprised how varied the sets of MIME types
-the various players claimed support for. The range was from 55 to 130
-MIME types. I suspect most media formats are supported by all
-players, but this is not really reflected in the MimeTypes values in
-their desktop files. There are probably also some bogus MIME types
-listed, but it is hard to identify which one this is.</p>
-
-<p>Anyway, in the mean time I got in touch with upstream for some of
-the players suggesting to add more MIME types to their desktop files,
-and decided to spend some time myself improving the situation for my
-favorite media player VLC. The fixes for VLC entered Debian unstable
-yesterday. The complete list of MIME types can be seen on the
-<a href="https://wiki.debian.org/DebianMultimedia/PlayerSupport">Multimedia
-player MIME type support status</a> Debian wiki page.</p>
-
-<p>The new "best" multimedia player in Debian? It is VLC, followed by
-totem, parole, kplayer, gnome-mpv, mpv, smplayer, mplayer-gui and
-kmplayer. I am sure some of the other players desktop files support
-several of the formats currently listed as working only with vlc,
-toten and parole.</p>
-
-<p>A sad observation is that only 14 MIME types are listed as
-supported by all the tested multimedia players in Debian in their
-desktop files: audio/mpeg, audio/vnd.rn-realaudio, audio/x-mpegurl,
-audio/x-ms-wma, audio/x-scpls, audio/x-wav, video/mp4, video/mpeg,
-video/quicktime, video/vnd.rn-realvideo, video/x-matroska,
-video/x-ms-asf, video/x-ms-wmv and video/x-msvideo. Personally I find
-it sad that video/ogg and video/webm is not supported by all the media
-players in Debian. As far as I can tell, all of them can handle both
-formats.</p>
+ <title>Norwegian Bokmål edition of Debian Administrator's Handbook is now available</title>
+ <link>http://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_is_now_available.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_is_now_available.html</guid>
+ <pubDate>Tue, 25 Jul 2017 21:10:00 +0200</pubDate>
+ <description><p align="center"><img align="center" src="http://people.skolelinux.org/pere/blog/images/2017-07-25-debian-handbook-nb-testprint.png"/></p>
+
+<p>I finally received a copy of the Norwegian Bokmål edition of
+"<a href="https://debian-handbook.info/">The Debian Administrator's
+Handbook</a>". This test copy arrived in the mail a few days ago, and
+I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition
+<a href="https://debian-handbook.info/get/#norwegian">is available
+from lulu.com</a>. If you buy it quickly, you save 25% on the list
+price. The book is also available for download in electronic form as
+PDF, EPUB and Mobipocket, as can be
+<a href="https://debian-handbook.info/browse/nb-NO/stable/">read online
+as a web page</a>.</p>
+
+<p>This is the second book I publish (the first was the book
+"<a href="http://free-culture.cc/">Free Culture</a>" by Lawrence Lessig
+in
+<a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">English</a>,
+<a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">French</a>
+and
+<a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Norwegian
+Bokmål</a>), and I am very excited to finally wrap up this
+project. I hope
+"<a href="http://www.lulu.com/shop/rapha%C3%ABl-hertzog-and-roland-mas/h%C3%A5ndbok-for-debian-administratoren/paperback/product-23262290.html">Håndbok
+for Debian-administratoren</a>" will be well received.</p>
</description>
</item>
<item>
- <title>A program should be able to open its own files on Linux</title>
- <link>http://people.skolelinux.org/pere/blog/A_program_should_be_able_to_open_its_own_files_on_Linux.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/A_program_should_be_able_to_open_its_own_files_on_Linux.html</guid>
- <pubDate>Sun, 5 Jun 2016 08:30:00 +0200</pubDate>
- <description><p>Many years ago, when koffice was fresh and with few users, I
-decided to test its presentation tool when making the slides for a
-talk I was giving for NUUG on Japhar, a free Java virtual machine. I
-wrote the first draft of the slides, saved the result and went to bed
-the day before I would give the talk. The next day I took a plane to
-the location where the meeting should take place, and on the plane I
-started up koffice again to polish the talk a bit, only to discover
-that kpresenter refused to load its own data file. I cursed a bit and
-started making the slides again from memory, to have something to
-present when I arrived. I tested that the saved files could be
-loaded, and the day seemed to be rescued. I continued to polish the
-slides until I suddenly discovered that the saved file could no longer
-be loaded into kpresenter. In the end I had to rewrite the slides
-three times, condensing the content until the talk became shorter and
-shorter. After the talk I was able to pinpoint the problem &ndash;
-kpresenter wrote inline images in a way itself could not understand.
-Eventually that bug was fixed and kpresenter ended up being a great
-program to make slides. The point I'm trying to make is that we
-expect a program to be able to load its own data files, and it is
-embarrassing to its developers if it can't.</p>
-
-<p>Did you ever experience a program failing to load its own data
-files from the desktop file browser? It is not a uncommon problem. A
-while back I discovered that the screencast recorder
-gtk-recordmydesktop would save an Ogg Theora video file the KDE file
-browser would refuse to open. No video player claimed to understand
-such file. I tracked down the cause being <tt>file --mime-type</tt>
-returning the application/ogg MIME type, which no video player I had
-installed listed as a MIME type they would understand. I asked for
-<a href="http://bugs.gw.com/view.php?id=382">file to change its
-behavour</a> and use the MIME type video/ogg instead. I also asked
-several video players to add video/ogg to their desktop files, to give
-the file browser an idea what to do about Ogg Theora files. After a
-while, the desktop file browsers in Debian started to handle the
-output from gtk-recordmydesktop properly.</p>
-
-<p>But history repeats itself. A few days ago I tested the music
-system Rosegarden again, and I discovered that the KDE and xfce file
-browsers did not know what to do with the Rosegarden project files
-(*.rg). I've reported <a href="http://bugs.debian.org/825993">the
-rosegarden problem to BTS</a> and a fix is commited to git and will be
-included in the next upload. To increase the chance of me remembering
-how to fix the problem next time some program fail to load its files
-from the file browser, here are some notes on how to fix it.</p>
-
-<p>The file browsers in Debian in general operates on MIME types.
-There are two sources for the MIME type of a given file. The output from
-<tt>file --mime-type</tt> mentioned above, and the content of the
-shared MIME type registry (under /usr/share/mime/). The file MIME
-type is mapped to programs supporting the MIME type, and this
-information is collected from
-<a href="https://www.freedesktop.org/wiki/Specifications/desktop-entry-spec/">the
-desktop files</a> available in /usr/share/applications/. If there is
-one desktop file claiming support for the MIME type of the file, it is
-activated when asking to open a given file. If there are more, one
-can normally select which one to use by right-clicking on the file and
-selecting the wanted one using 'Open with' or similar. In general
-this work well. But it depend on each program picking a good MIME
-type (preferably
-<a href="http://www.iana.org/assignments/media-types/media-types.xhtml">a
-MIME type registered with IANA</a>), file and/or the shared MIME
-registry recognizing the file and the desktop file to list the MIME
-type in its list of supported MIME types.</p>
-
-<p>The <tt>/usr/share/mime/packages/rosegarden.xml</tt> entry for
-<a href="http://www.freedesktop.org/wiki/Specifications/shared-mime-info-spec">the
-Shared MIME database</a> look like this:</p>
-
-<p><blockquote><pre>
-&lt;?xml version="1.0" encoding="UTF-8"?&gt;
-&lt;mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info"&gt;
- &lt;mime-type type="audio/x-rosegarden"&gt;
- &lt;sub-class-of type="application/x-gzip"/&gt;
- &lt;comment&gt;Rosegarden project file&lt;/comment&gt;
- &lt;glob pattern="*.rg"/&gt;
- &lt;/mime-type&gt;
-&lt;/mime-info&gt;
-</pre></blockquote></p>
-
-<p>This states that audio/x-rosegarden is a kind of application/x-gzip
-(it is a gzipped XML file). Note, it is much better to use an
-official MIME type registered with IANA than it is to make up ones own
-unofficial ones like the x-rosegarden type used by rosegarden.</p>
+ <title>«Rapporten ser ikke på informasjonssikkerhet knyttet til personlig integritet»</title>
+ <link>http://people.skolelinux.org/pere/blog/_Rapporten_ser_ikke_p__informasjonssikkerhet_knyttet_til_personlig_integritet_.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/_Rapporten_ser_ikke_p__informasjonssikkerhet_knyttet_til_personlig_integritet_.html</guid>
+ <pubDate>Tue, 27 Jun 2017 17:50:00 +0200</pubDate>
+ <description><p>Jeg kom over teksten
+«<a href="https://freedom-to-tinker.com/2017/06/21/killing-car-privacy-by-federal-mandate/">Killing
+car privacy by federal mandate</a>» av Leonid Reyzin på Freedom to
+Tinker i dag, og det gleder meg å se en god gjennomgang om hvorfor det
+er et urimelig inngrep i privatsfæren å la alle biler kringkaste sin
+posisjon og bevegelse via radio. Det omtalte forslaget basert på
+Dedicated Short Range Communication (DSRC) kalles Basic Safety Message
+(BSM) i USA og Cooperative Awareness Message (CAM) i Europa, og det
+norske Vegvesenet er en av de som ser ut til å kunne tenke seg å
+pålegge alle biler å fjerne nok en bit av innbyggernes privatsfære.
+Anbefaler alle å lese det som står der.
+
+<p>Mens jeg tittet litt på DSRC på biler i Norge kom jeg over et sitat
+jeg synes er illustrativt for hvordan det offentlige Norge håndterer
+problemstillinger rundt innbyggernes privatsfære i SINTEF-rapporten
+«<a href="https://www.sintef.no/publikasjoner/publikasjon/Download/?pubid=SINTEF+A23933">Informasjonssikkerhet
+i AutoPASS-brikker</a>» av Trond Foss:</p>
+
+<p><blockquote>
+«Rapporten ser ikke på informasjonssikkerhet knyttet til personlig
+ integritet.»
+</blockquote></p>
+
+<p>Så enkelt kan det tydeligvis gjøres når en vurderer
+informasjonssikkerheten. Det holder vel at folkene på toppen kan si
+at «Personvernet er ivaretatt», som jo er den populære intetsigende
+frasen som gjør at mange tror enkeltindividers integritet tas vare på.
+Sitatet fikk meg til å undres på hvor ofte samme tilnærming, å bare se
+bort fra behovet for personlig itegritet, blir valgt når en velger å
+legge til rette for nok et inngrep i privatsfæren til personer i
+Norge. Det er jo sjelden det får reaksjoner. Historien om
+reaksjonene på Helse Sør-Østs tjenesteutsetting er jo sørgelig nok et
+unntak og toppen av isfjellet, desverre. Tror jeg fortsatt takker nei
+til både AutoPASS og holder meg så langt unna det norske helsevesenet
+som jeg kan, inntil de har demonstrert og dokumentert at de verdsetter
+individets privatsfære og personlige integritet høyere enn kortsiktig
+gevist og samfunnsnytte.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Updated sales number for my Free Culture paper editions</title>
+ <link>http://people.skolelinux.org/pere/blog/Updated_sales_number_for_my_Free_Culture_paper_editions.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Updated_sales_number_for_my_Free_Culture_paper_editions.html</guid>
+ <pubDate>Mon, 12 Jun 2017 11:40:00 +0200</pubDate>
+ <description><p>It is pleasing to see that the work we put down in publishing new
+editions of the classic <a href="http://www.free-culture.cc/">Free
+Culture book</a> by the founder of the Creative Commons movement,
+Lawrence Lessig, is still being appreciated. I had a look at the
+latest sales numbers for the paper edition today. Not too impressive,
+but happy to see some buyers still exist. All the revenue from the
+books is sent to the <a href="https://creativecommons.org/">Creative
+Commons Corporation</a>, and they receive the largest cut if you buy
+directly from Lulu. Most books are sold via Amazon, with Ingram
+second and only a small fraction directly from Lulu. The ebook
+edition is available for free from
+<a href="https://github.com/petterreinholdtsen/free-culture-lessig">Github</a>.</p>
-<p>The desktop file of the rosegarden program failed to list
-audio/x-rosegarden in its list of supported MIME types, causing the
-file browsers to have no idea what to do with *.rg files:</p>
+<table border="0">
+<tr><th rowspan="2" valign="bottom">Title / language</th><th colspan="3">Quantity</th></tr>
+<tr><th>2016 jan-jun</th><th>2016 jul-dec</th><th>2017 jan-may</th></tr>
+
+<tr>
+ <td><a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">Culture Libre / French</a></td>
+ <td align="right">3</td>
+ <td align="right">6</td>
+ <td align="right">15</td>
+</tr>
+
+<tr>
+ <td><a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Fri kultur / Norwegian</a></td>
+ <td align="right">7</td>
+ <td align="right">1</td>
+ <td align="right">0</td>
+</tr>
+
+<tr>
+ <td><a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">Free Culture / English</a></td>
+ <td align="right">14</td>
+ <td align="right">27</td>
+ <td align="right">16</td>
+</tr>
+
+<tr>
+ <td>Total</td>
+ <td align="right">24</td>
+ <td align="right">34</td>
+ <td align="right">31</td>
+</tr>
-<p><blockquote><pre>
-% grep Mime /usr/share/applications/rosegarden.desktop
-MimeType=audio/x-rosegarden-composition;audio/x-rosegarden-device;audio/x-rosegarden-project;audio/x-rosegarden-template;audio/midi;
-X-KDE-NativeMimeType=audio/x-rosegarden-composition
-%
-</pre></blockquote></p>
+</table>
-<p>The fix was to add "audio/x-rosegarden;" at the end of the
-MimeType= line.</p>
+<p>A bit sad to see the low sales number on the Norwegian edition, and
+a bit surprising the English edition still selling so well.</p>
-<p>If you run into a file which fail to open the correct program when
-selected from the file browser, please check out the output from
-<tt>file --mime-type</tt> for the file, ensure the file ending and
-MIME type is registered somewhere under /usr/share/mime/ and check
-that some desktop file under /usr/share/applications/ is claiming
-support for this MIME type. If not, please report a bug to have it
-fixed. :)</p>
+<p>If you would like to translate and publish the book in your native
+language, I would be happy to help make it happen. Please get in
+touch.</p>
</description>
</item>
<item>
- <title>Tor - from its creators mouth 11 years ago</title>
- <link>http://people.skolelinux.org/pere/blog/Tor___from_its_creators_mouth_11_years_ago.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Tor___from_its_creators_mouth_11_years_ago.html</guid>
- <pubDate>Sat, 28 May 2016 14:20:00 +0200</pubDate>
- <description><p>A little more than 11 years ago, one of the creators of Tor, and
-the current President of <a href="https://www.torproject.org/">the Tor
-project</a>, Roger Dingledine, gave a talk for the members of the
-<a href="http://www.nuug.no/">Norwegian Unix User group</a> (NUUG). A
-video of the talk was recorded, and today, thanks to the great help
-from David Noble, I finally was able to publish the video of the talk
-on Frikanalen, the Norwegian open channel TV station where NUUG
-currently publishes its talks. You can
-<a href="http://frikanalen.no/se">watch the live stream using a web
-browser</a> with WebM support, or check out the recording on the video
-on demand page for the talk
-"<a href="http://beta.frikanalen.no/video/625599">Tor: Anonymous
-communication for the US Department of Defence...and you.</a>".</p>
-
-<p>Here is the video included for those of you using browsers with
-HTML video and Ogg Theora support:</p>
-
-<p><video width="70%" poster="http://simula.gunkies.org/media/625599/large_thumb/20050421-tor-frikanalen.jpg" controls>
- <source src="http://simula.gunkies.org/media/625599/theora/20050421-tor-frikanalen.ogv" type="video/ogg"/>
-</video></p>
-
-<p>I guess the gist of the talk can be summarised quite simply: If you
-want to help the military in USA (and everyone else), use Tor. :)</p>
+ <title>Release 0.1.1 of free software archive system Nikita announced</title>
+ <link>http://people.skolelinux.org/pere/blog/Release_0_1_1_of_free_software_archive_system_Nikita_announced.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Release_0_1_1_of_free_software_archive_system_Nikita_announced.html</guid>
+ <pubDate>Sat, 10 Jun 2017 00:40:00 +0200</pubDate>
+ <description><p>I am very happy to report that the
+<a href="https://github.com/hiOA-ABI/nikita-noark5-core">Nikita Noark 5
+core project</a> tagged its second release today. The free software
+solution is an implementation of the Norwegian archive standard Noark
+5 used by government offices in Norway. These were the changes in
+version 0.1.1 since version 0.1.0 (from NEWS.md):
+
+<ul>
+
+ <li>Continued work on the angularjs GUI, including document upload.</li>
+ <li>Implemented correspondencepartPerson, correspondencepartUnit and
+ correspondencepartInternal</li>
+ <li>Applied for coverity coverage and started submitting code on
+ regualr basis.</li>
+ <li>Started fixing bugs reported by coverity</li>
+ <li>Corrected and completed HATEOAS links to make sure entire API is
+ available via URLs in _links.</li>
+ <li>Corrected all relation URLs to use trailing slash.</li>
+ <li>Add initial support for storing data in ElasticSearch.</li>
+ <li>Now able to receive and store uploaded files in the archive.</li>
+ <li>Changed JSON output for object lists to have relations in _links.</li>
+ <li>Improve JSON output for empty object lists.</li>
+ <li>Now uses correct MIME type application/vnd.noark5-v4+json.</li>
+ <li>Added support for docker container images.</li>
+ <li>Added simple API browser implemented in JavaScript/Angular.</li>
+ <li>Started on archive client implemented in JavaScript/Angular.</li>
+ <li>Started on prototype to show the public mail journal.</li>
+ <li>Improved performance by disabling Sprint FileWatcher.</li>
+ <li>Added support for 'arkivskaper', 'saksmappe' and 'journalpost'.</li>
+ <li>Added support for some metadata codelists.</li>
+ <li>Added support for Cross-origin resource sharing (CORS).</li>
+ <li>Changed login method from Basic Auth to JSON Web Token (RFC 7519)
+ style.</li>
+ <li>Added support for GET-ing ny-* URLs.</li>
+ <li>Added support for modifying entities using PUT and eTag.</li>
+ <li>Added support for returning XML output on request.</li>
+ <li>Removed support for English field and class names, limiting ourself
+ to the official names.</li>
+ <li>...</li>
+
+</ul>
+
+<p>If this sound interesting to you, please contact us on IRC (#nikita
+on irc.freenode.net) or email
+(<a href="https://lists.nuug.no/mailman/listinfo/nikita-noark">nikita-noark
+mailing list).</p>
</description>
</item>
<item>
- <title>Isenkram with PackageKit support - new version 0.23 available in Debian unstable</title>
- <link>http://people.skolelinux.org/pere/blog/Isenkram_with_PackageKit_support___new_version_0_23_available_in_Debian_unstable.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Isenkram_with_PackageKit_support___new_version_0_23_available_in_Debian_unstable.html</guid>
- <pubDate>Wed, 25 May 2016 10:20:00 +0200</pubDate>
- <description><p><a href="https://tracker.debian.org/pkg/isenkram">The isenkram
-system</a> is a user-focused solution in Debian for handling hardware
-related packages. The idea is to have a database of mappings between
-hardware and packages, and pop up a dialog suggesting for the user to
-install the packages to use a given hardware dongle. Some use cases
-are when you insert a Yubikey, it proposes to install the software
-needed to control it; when you insert a braille reader list it
-proposes to install the packages needed to send text to the reader;
-and when you insert a ColorHug screen calibrator it suggests to
-install the driver for it. The system work well, and even have a few
-command line tools to install firmware packages and packages for the
-hardware already in the machine (as opposed to hotpluggable hardware).</p>
-
-<p>The system was initially written using aptdaemon, because I found
-good documentation and example code on how to use it. But aptdaemon
-is going away and is generally being replaced by
-<a href="http://www.freedesktop.org/software/PackageKit/">PackageKit</a>,
-so Isenkram needed a rewrite. And today, thanks to the great patch
-from my college Sunil Mohan Adapa in the FreedomBox project, the
-rewrite finally took place. I've just uploaded a new version of
-Isenkram into Debian Unstable with the patch included, and the default
-for the background daemon is now to use PackageKit. To check it out,
-install the <tt>isenkram</tt> package and insert some hardware dongle
-and see if it is recognised.</p>
-
-<p>If you want to know what kind of packages isenkram would propose for
-the machine it is running on, you can check out the isenkram-lookup
-program. This is what it look like on a Thinkpad X230:</p>
+ <title>Idea for storing trusted timestamps in a Noark 5 archive</title>
+ <link>http://people.skolelinux.org/pere/blog/Idea_for_storing_trusted_timestamps_in_a_Noark_5_archive.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Idea_for_storing_trusted_timestamps_in_a_Noark_5_archive.html</guid>
+ <pubDate>Wed, 7 Jun 2017 21:40:00 +0200</pubDate>
+ <description><p><em>This is a copy of
+<a href="https://lists.nuug.no/pipermail/nikita-noark/2017-June/000297.html">an
+email I posted to the nikita-noark mailing list</a>. Please follow up
+there if you would like to discuss this topic. The background is that
+we are making a free software archive system based on the Norwegian
+<a href="https://www.arkivverket.no/forvaltning-og-utvikling/regelverk-og-standarder/noark-standarden">Noark
+5 standard</a> for government archives.</em></p>
+
+<p>I've been wondering a bit lately how trusted timestamps could be
+stored in Noark 5.
+<a href="https://en.wikipedia.org/wiki/Trusted_timestamping">Trusted
+timestamps</a> can be used to verify that some information
+(document/file/checksum/metadata) have not been changed since a
+specific time in the past. This is useful to verify the integrity of
+the documents in the archive.</p>
+
+<p>Then it occured to me, perhaps the trusted timestamps could be
+stored as dokument variants (ie dokumentobjekt referered to from
+dokumentbeskrivelse) with the filename set to the hash it is
+stamping?</p>
+
+<p>Given a "dokumentbeskrivelse" with an associated "dokumentobjekt",
+a new dokumentobjekt is associated with "dokumentbeskrivelse" with the
+same attributes as the stamped dokumentobjekt except these
+attributes:</p>
+
+<ul>
+
+<li>format -> "RFC3161"
+<li>mimeType -> "application/timestamp-reply"
+<li>formatDetaljer -> "&lt;source URL for timestamp service&gt;"
+<li>filenavn -> "&lt;sjekksum&gt;.tsr"
+
+</ul>
+
+<p>This assume a service following
+<a href="https://tools.ietf.org/html/rfc3161">IETF RFC 3161</a> is
+used, which specifiy the given MIME type for replies and the .tsr file
+ending for the content of such trusted timestamp. As far as I can
+tell from the Noark 5 specifications, it is OK to have several
+variants/renderings of a dokument attached to a given
+dokumentbeskrivelse objekt. It might be stretching it a bit to make
+some of these variants represent crypto-signatures useful for
+verifying the document integrity instead of representing the dokument
+itself.</p>
+
+<p>Using the source of the service in formatDetaljer allow several
+timestamping services to be used. This is useful to spread the risk
+of key compromise over several organisations. It would only be a
+problem to trust the timestamps if all of the organisations are
+compromised.</p>
+
+<p>The following oneliner on Linux can be used to generate the tsr
+file. $input is the path to the file to checksum, and $sha256 is the
+SHA-256 checksum of the file (ie the "<sjekksum>.tsr" value mentioned
+above).</p>
<p><blockquote><pre>
-% isenkram-lookup
-bluez
-cheese
-fprintd
-fprintd-demo
-gkrellm-thinkbat
-hdapsd
-libpam-fprintd
-pidgin-blinklight
-thinkfan
-tleds
-tp-smapi-dkms
-tp-smapi-source
-tpb
-%p
+openssl ts -query -data "$inputfile" -cert -sha256 -no_nonce \
+ | curl -s -H "Content-Type: application/timestamp-query" \
+ --data-binary "@-" http://zeitstempel.dfn.de > $sha256.tsr
</pre></blockquote></p>
-<p>The hardware mappings come from several places. The preferred way
-is for packages to announce their hardware support using
-<a href="https://www.freedesktop.org/software/appstream/docs/">the
-cross distribution appstream system</a>.
-See
-<a href="http://people.skolelinux.org/pere/blog/tags/isenkram/">previous
-blog posts about isenkram</a> to learn how to do that.</p>
-</description>
- </item>
-
- <item>
- <title>Discharge rate estimate in new battery statistics collector for Debian</title>
- <link>http://people.skolelinux.org/pere/blog/Discharge_rate_estimate_in_new_battery_statistics_collector_for_Debian.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Discharge_rate_estimate_in_new_battery_statistics_collector_for_Debian.html</guid>
- <pubDate>Mon, 23 May 2016 09:35:00 +0200</pubDate>
- <description><p>Yesterday I updated the
-<a href="https://tracker.debian.org/pkg/battery-stats">battery-stats
-package in Debian</a> with a few patches sent to me by skilled and
-enterprising users. There were some nice user and visible changes.
-First of all, both desktop menu entries now work. A design flaw in
-one of the script made the history graph fail to show up (its PNG was
-dumped in ~/.xsession-errors) if no controlling TTY was available.
-The script worked when called from the command line, but not when
-called from the desktop menu. I changed this to look for a DISPLAY
-variable or a TTY before deciding where to draw the graph, and now the
-graph window pop up as expected.</p>
-
-<p>The next new feature is a discharge rate estimator in one of the
-graphs (the one showing the last few hours). New is also the user of
-colours showing charging in blue and discharge in red. The percentages
-of this graph is relative to last full charge, not battery design
-capacity.</p>
-
-<p align="center"><img src="http://people.skolelinux.org/pere/blog/images/2016-05-23-battery-stats-rate.png"/></p>
-
-<p>The other graph show the entire history of the collected battery
-statistics, comparing it to the design capacity of the battery to
-visualise how the battery life time get shorter over time. The red
-line in this graph is what the previous graph considers 100 percent:
-
-<p align="center"><img src="http://people.skolelinux.org/pere/blog/images/2016-05-23-battery-stats-history.png"/></p>
-
-<p>In this graph you can see that I only charge the battery to 80
-percent of last full capacity, and how the capacity of the battery is
-shrinking. :(</p>
-
-<p>The last new feature is in the collector, which now will handle
-more hardware models. On some hardware, Linux power supply
-information is stored in /sys/class/power_supply/ACAD/, while the
-collector previously only looked in /sys/class/power_supply/AC/. Now
-both are checked to figure if there is power connected to the
-machine.</p>
-
-<p>If you are interested in how your laptop battery is doing, please
-check out the
-<a href="https://tracker.debian.org/pkg/battery-stats">battery-stats</a>
-in Debian unstable, or rebuild it on Jessie to get it working on
-Debian stable. :) The upstream source is available from <a
-href="https://github.com/petterreinholdtsen/battery-stats">github</a>.
-Patches are very welcome.</p>
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+<p>To verify the timestamp, you first need to download the public key
+of the trusted timestamp service, for example using this command:</p>
+
+<p><blockquote><pre>
+wget -O ca-cert.txt \
+ https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
+</pre></blockquote></p>
+
+<p>Note, the public key should be stored alongside the timestamps in
+the archive to make sure it is also available 100 years from now. It
+is probably a good idea to standardise how and were to store such
+public keys, to make it easier to find for those trying to verify
+documents 100 or 1000 years from now. :)</p>
+
+<p>The verification itself is a simple openssl command:</p>
+
+<p><blockquote><pre>
+openssl ts -verify -data $inputfile -in $sha256.tsr \
+ -CAfile ca-cert.txt -text
+</pre></blockquote></p>
+
+<p>Is there any reason this approach would not work? Is it somehow against
+the Noark 5 specification?</p>
</description>
</item>
projects / homepage.git / blobdiff